Debian Security Advisory
DLA-223-1 nbd -- LTS security update
- Date Reported:
- 17 May 2015
- Affected Packages:
- Security database references:
- In the Debian bugtracking system: Bug 784657.
In Mitre's CVE dictionary: CVE-2015-0847.
- More information:
A vulnerability has been discovered in nbd-server, the server for the Linux Network Block Device.
Tuomas Räsänen discovered that unsafe signal handling is present in nbd-server. This vulnerability could be exploited by a remote client to cause a denial of service.
For the oldoldstable distribution (squeeze), these problems have been fixed in version 1:2.9.16-8+squeeze2.
For the oldstable, stable, and testing distributions, these problems will be fixed soon.
We recommend that you upgrade your nbd-server packages.